The TKM Diffie-Hellman plugin now maps IANA DH identifiers to TKM DH
algorithm identifiers. The mapping is specified in the daemon's
'dh_mapping' section in the strongswan.conf file:
dh_mapping {
iana_id1 = tkm_id1
iana_id2 = tkm_id2
iana_id3 = tkm_id3
...
}
Only the mapped IANA IDs are registered as supported DH groups.
Due to problems with the external libraries tkm_init/deinit can't be
called for each test case. Because of this leak detective has to be
disabled for these tests.
INCLUDES are now deprecated and throw warnings when using automake 1.13.
We now also differentiate AM_CPPFLAGS and AM_CFLAGS, where includes and
defines are passed to AM_CPPFLAGS only.
This new flag gives the kernel-interface a hint how it should priorize the
use of newly installed SAs during rekeying.
Consider the following rekey procedure in IKEv2:
Initiator --- Responder
I1 -------CREATE-------> R1
I2 <------CREATE--------
-------DELETE-------> R2
I3 <------DELETE--------
SAs are always handled as pairs, the following happens at the SA level:
* Initiator starts the exchange at I1
* Responder installs new SA pair at R1
* Initiator installs new SA pair at I2
* Responder removes old SA pair at R2
* Initiator removes old SA pair at I3
This makes sure SAs get installed/removed overlapping during rekeying. However,
to avoid any packet loss, it is crucial that the new outbound SA gets
activated at the correct position:
* as exchange initiator, in I2
* as exchange responder, in R2
This should guarantee that we don't use the new outbound SA before the peer
could install its corresponding inbound SA.
The new parameter allows the kernel backend to install the new SA with
appropriate priorities, i.e. it should:
* as exchange inititator, have the new outbound SA installed with higher
priority than the old SA
* as exchange responder, have the new outbound SA installed with lower
priority than the old SA
While we could split up the SA installation at the responder, this approach
has another advantage: it allows the kernel backend to switch SAs based on
other criteria, for example when receiving traffic on the new inbound SA.
The TKM credential encoder creates fingerprints of type
KEYID_PUBKEY_INFO_SHA1 and KEYID_PUBKEY_SHA1 using
CRED_PART_RSA_PUB_ASN1_DER.
This makes the pkcs1 plugin unnecessary.
Load complete kernel_netlink plugin instead. Registering the TKM
specific plugins first still ensures that the correct ipsec plugin
is used.
Lazy initialize the RNG_WEAK plugin to avoid the unsatisfiable
soft dependency on startup.
An ALERT_KEEP_ON_CHILD_SA_FAILURE alert is issued when child SA establishment
fails but the corresponding IKE SA is not destroyed. To allow later creation
of child SAs the ISA context must be signaled that the implicity first child SA
creation was skipped.
The IKE and EES sockets are now read from strongswan.conf. They can be
specified like this:
charon-tkm {
ike_socket = /tmp/tkm.rpc.ike
ees_socket = /tmp/tkm.rpc.ees
}
The socket names given above are used by default if none are configured.
The TKM credential set extends the in-memory credential set. It
provides a private key enumerator which is used to instantiate private
key proxy objects on-demand. This allows the usage of private keys with
arbitrary identifiers.
Pass the reqid (of the first child config of an IKE SA) as remote identity id
when calling cc_set_user_certificate. May lead to the usage of the wrong id in
case an IKE SA has multiple child configurations/reqids.
This must be replaced with a proper lookup once the configuration backend is
implemented and provides remote identity ids to charon-tkm.
The key currently imitates the private key of alice@strongswan.org by
returning it's fingerprint in the get_fingerprint function.
This associates the private key with alice's X.509 cert and charon will
use it to create a signature over the local AUTH octets of the test
connection.
The private key serves as a proxy to the TKM ike_isa_sign operation and
extracts the required information from the auth octets chunk passed on
by the keymat.
Store the ISA context id and the initial message in the auth octets
chunk using the sign_info_t struct. Charon will pass on this information
to the TKM private key sign operation where it is extracted.
The key unconditionally returns TRUE for the verify operation if it is called
with a supported signature algorithm. All such verification operations are
performed by the TKM (e.g. trustchain or auth octets verification) anyway, so
this is safe.
The IKE init message sent to us by the peer is needed for authentication
in the authorization hook. Store the message as chunk in the keymat and
provide a getter to make it available.
Extract peer certificate information and build a TKM certificate chain
context in the authorize hook of the tkm_listener_t. The cc context will
be used for ISA authentication using certificates.
Tobias Brunner